Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Determin location from IP


  • Please log in to reply
13 replies to this topic

#1 AcesDnied

AcesDnied

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 07 July 2012 - 02:33 PM

I'm curious if ISPs are keeping geographical information (long / lat) on the IP addresses they assign to their users and then are able to sell this information to somebody who's trying to sell advertising / marketing on a website.

All this to debunk an advertising agency that might have suckered in my boss...

We got an e-mail telling us to click the link to see the ad, great, joy it's there and looks good. Next week we got another link in the mail saying "click here, click on a local news story, and you'll eventually see your ad on the right." Sure enough we saw our ad (over and over and over because my boss was so excited to be showing up 25% of the time...) That's what the company claimed, 25% rotation with 3 other companies.

A few weeks ago I cleared the cache and cookies because we were having some problems getting a site to display correctly (fixed the issue), and then when he started going to the website the next day he was calling me at work saying we weren't showing up. Sure enough, I must have hit the refresh page 100+ times and never saw the company's ad (I did see about 30 other companies' advertisements). I got suspicious, and started going back over the e-mails. Sure enough the link we followed to the parent site had this added to the end of it: ...com/#setcommuninty=southeasttlyer. The light went on, I followed the link, clicked an article, refreshed 3 or 4 times and there we were again. Cleared the cache and cookies and got the same problem as before.

I e-mailed their people and this was the laughable answer I got in reply, the website must have known where I was, based on my IP address, and that's why we didn't have problems seeing the ad before I cleared the cookies and cache...

So I live on the NW side of the same city and did a whois lookup on my IP, and 1 site had me in the south east side of town, while a few had me listed maybe 5 miles from my actual location. I've been doing this for a long time, and the only thing I could think of that could tell anybody exactly where you were is the ISP telling you that customer X was online at XX:XX with this IP. Here's their address.


So I think these people are full of it, and I know the only reason we saw our ad is because the link they sent through e-mail set our community on that website to southeasttyler.

My question is, is there decent software out there that could actually pull this off without having to reconfigure a cookie so a user gets targeted advertising? I'll be curious what it is they claim they're using. I sent the owner of the site and e-mail after the run around from the ad agency.

I'm sure this was kind of rambling, but if you need clarification on any point just let me know and I'll be as precise as I can.

Edited by AcesDnied, 07 July 2012 - 02:36 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:18 AM

Posted 07 July 2012 - 02:39 PM

I'm curious if ISPs are keeping geographical information (long / lat) on the IP addresses they assign to their users and then are able to sell this information to somebody who's trying to sell advertising / marketing on a website.


That would be a direct violation of the Privacy Laws, however, stating that any website you go to can do the same as they have your IP.

The who is information only contains information on who is paying for the allocated IP's and not the location of where users are.

#3 AcesDnied

AcesDnied
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 07 July 2012 - 03:11 PM

That was exactly what I was thinking. I just wanted confirmation.

#4 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:03:18 AM

Posted 07 July 2012 - 03:17 PM

That would be a direct violation of the Privacy Laws


What privacy laws would that be, and in what country? Unless I have something on my website explicitly stating that I won't use your IP address for marketing/data mining/anything-I-want, I am free to use whatever user data I can collect in any manner I choose. All server requests include the IP of the client; it takes milliseconds to determine a location, and to recreate the page in such a manner that the user gets ads that are targeted to their geo-physical location, more or less. No cookies needed at all.

There is no guarantee of any sort of privacy anywhere on the web.

#5 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:18 AM

Posted 07 July 2012 - 04:31 PM

Well the ISP's Terms of Conditions and what not stating they wont use or sell user information to marketers.

#6 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:03:18 AM

Posted 07 July 2012 - 04:53 PM

Well the ISP's Terms of Conditions and what not stating they wont use or sell user information to marketers


What the ISP may say is not law, and what the ISP may do has no bearing on what I may as a web site administrator. I can use any information gleaned from users of my site in any way I choose. In my case, I choose to be ethical and not leverage user information is such a way that may seem 'creepy', but that is my choice. I may decide at some point that user information used in a different manner; that is my prerogative. :)

#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:18 AM

Posted 07 July 2012 - 05:04 PM

This is what that comment was related to:

I'm curious if ISPs are keeping geographical information (long / lat) on the IP addresses they assign to their users and then are able to sell this information to somebody who's trying to sell advertising / marketing on a website.


I understand that from a web admin point of view and a system admin.

Many ISP's that I have dealt with have such privacy laws and regulations.

#8 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:03:18 AM

Posted 07 July 2012 - 05:21 PM

That is fine, but it is not a 'law'. There are no punitive measures, nor recompense by the judicial system, in the case that the ISP violates their stated terms. :)

#9 AcesDnied

AcesDnied
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 08 July 2012 - 03:58 PM

Ok Groovicus, here's where it gets tricky. This website is using super local targeting. The last time I saw their request for me to "pick a community" there were 15 different locations in the city they were using (I never select any community).

Before the link was ever clicked on I'm assuming we were seeing the default page with no targeting available. After clicking on the link the marketing agency sent us we were able to see our ad every time we visited the site. Makes sense to me because at the end the tag was /setcommunity=southeasttyler.

Now the company is telling me that the reason I saw the ads in the first place is because the site was able to determine my location based on the IP address. However, after clearing cookies and cache the ad never shows up. The ad has never shown up since clearing the cookies and cache until I clicked on their link again setting my community.

The point of all this is to find out how full of crap these guys are. Is it possible to actually get a close enough location to determine where a user is and show them specific ads based on location in a city 52.7 sq miles?

The problem is, in my opinion, a lack of truthfulness from the company. When I see a page pop up a window for me to choose something, 99% of the time I close the window. When I go to this site I simply type in kltv.com. So the average user visiting the site, how likely are they to see our ad if it depends on them selecting a community? I'd say almost 0. After 100+ page refreshes the ad never showed up.

The contract stated very specifically that we would show up 25% of the time in these ads, however it did say for (south east tyler). Their contract is true to their word, however, how they talked my boss into it is another argument. They left out the specifics of only showing up under certain circumstances and settings on a user's computer.

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:18 AM

Posted 08 July 2012 - 04:25 PM

We gather two types of information about the users of our Services:

(1) Non-personally identifiable information: When you use our Services, we may collect and aggregate information indicating, among other things, which pages were visited, the order in which they were visited, and which hyperlinks were "clicked." Collecting such information involves the logging of IP addresses, operating system and browser software used by each user. Although such information is not personally identifiable, we can determine from the IP address a visitor's Service Provider and the geographic location of his or her point of connectivity.

The non-personally identifiable information we collect helps us diagnose problems with our server, administer the Services, identify the most popular areas or features of the Services, and determine the effectiveness of our promotional activities. In addition, we may disclose some of this information to advertisers to inform them of the number of people who have seen and/or clicked through their advertisements.

For the same purposes, we use "cookies"--that is, small text files placed on your computer's hard drive--to help us determine the type of content and sites to which you link, the length of time you spend at any particular area or feature of the Services, and your usage of our Services. Cookies also tell us which advertising you have seen on the Services. At certain times, we may use outside advertising companies to display advertisements on the Services that may contain cookies ("banner ads"). These banner ads collect information stored by the advertising company and we do not have access to this information


How we use (and do not use) the information we gather

Please take some time to familiarize yourself with the different ways we use the information that we gather. We cannot and do not assume any responsibility for any actions or omissions of third parties, including the manner in which they use information received either from us or independently. Nevertheless, in the event you encounter any third party associated with, or who claims association with us who you feel is improperly collecting or using information about you, please contact us at www.raycommedia.com; we will be happy to forward your message to the third party.

(1) We use non-personally identifiable information in aggregate form to build higher quality, more useful Services by performing statistical analyses of the collective characteristics and behavior of the users and visitors of the Services, and by measuring demographics and interests regarding specific features or areas of the Services. We provide statistical information based on this data to advertisers, affiliates, and other current and potential business partners. We also use the aggregate data to inform these third parties as to the number of people who have seen and clicked on links to their websites or services.

The Services may contain links to other Internet websites or services, including co-branded or other affiliated sites or services that may or may not be owned or operated by us. Unless otherwise explicitly stated, we are not responsible for the privacy practices or the content of such sites or services, including their use of any information (such as IP number, browser type, or operating system) collected when users or visitors to our Services click through links to those sites or services. Even though such information might not identify you personally, we strongly encourage you to become familiar with the privacy practices of those sites and services.


The above is from: http://www.kltv.com/story/8774923/privacy-policy

#11 AcesDnied

AcesDnied
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 08 July 2012 - 11:18 PM

Thanks dan. Never would have thought to look in the privacy section...

#12 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:18 AM

Posted 09 July 2012 - 07:51 AM

As Groovicus said, it is definitely possible to geotarget ads based upon the location derived from your IP address. I just checked Google's Doubleclick for Publishers and I can target down to my zip code.

Now, its not going to be 100% accurate, but its accurate enough.

#13 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 7,112 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:09:18 AM

Posted 29 August 2012 - 04:02 PM

I must respectfully disagree with Groovicus when he says that there is no legal penalty on an ISP breaking their terms.

Terms and conditions are part of a civil contract between you and the ISP, and contracts work both ways, and either party can breach the terms, in which case the offended party can seek redress even to the extent of suing.

It may well be the case that the resulting damages are so slight that it is not worth going to these lengths - that is a different matter. And in any case it would be a brave user of internet services that took on one of the big ISPs in a court case !

Chris Cosgrove

#14 KamakaZ

KamakaZ

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:08:18 PM

Posted 30 August 2012 - 05:45 PM

In Australia, it is next to impossible to get the users location from their IP. I'm in Warrnambool, however based on my IP websites that try to target me on a map always put me in Melbourne, about 300km's away, making targeting ads very difficult, unless we had other information about the user.

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users